Technological advances in embedded systems and the advent of fog computing led to improved quality of service of applications of cyber-physical systems. In fact, the deployment of such applications on powerful and heterogeneous embedded systems, such as multiprocessors system-on-chips (MPSoCs), allows them to meet latency requirements and real-time operation. Highly relevant to the industry and our reference case-study, the challenging field of nuclear fusion deploys the aforementioned applications, involving high-frequency control with hard real-time and safety constraints. The use of fog computing and MPSoCs is promising to achieve safety, low latency, and timeliness of such control. Indeed, on one hand, applications designed according to fog computing distribute computation across hierarchically organized and geographically distributed edge devices, enabling timely anomaly detection during high-frequency sampling of time series, and, on the other hand, MPSoCs allow leveraging fog computing and integrating monitoring by deploying tasks on a flexible platform suited for mixed-criticality software, leading to so-called mixed criticality systems (MCSs). However, the integration of such software on the same MPSoC opens challenges related to predictability and reliability guarantees, as tasks interfering with each other when accessing the same shared MPSoC resources may introduce non-deterministic latency, possibly leading to failures on account of deadline overruns. Addressing the design, deployment, and evaluation of MCSs on MPSoCs, we propose a model-based system development process that facilitates the integration of real-time and monitoring software on the same platform by means of a formal notation for modeling the design and deployment of MPSoCs. The proposed notation allows developers to leverage embedded hypervisors for monitoring real-time applications and guaranteeing predictability by isolation of hardware resources. Providing evidence of the feasibility of our system development process and evaluating the industry-relevant class of nuclear fusion applications, we experiment with a safety-critical case-study in the context of the ITER nuclear fusion reactor. Our experimentation involves the design and evaluation of several prototypes deployed as MCSs on a virtualized MPSoC, showing that deployment choices linked to the monitor placement and virtualization configurations (e.g., resource allocation, partitioning, and scheduling policies) can significantly impact the predictability of MCSs in terms of Worst-Case Execution Times and other related metrics.

嵌入式系统的技术进步和雾计算的出现提高了网络物理系统应用的服务质量。事实上，将此类应用部署在功能强大的异构嵌入式系统（例如多处理器片上系统（MPSoC））上，可以满足延迟要求和实时操作。与行业和我们的参考案例研究高度相关，具有挑战性的核聚变领域部署了上述应用，涉及具有硬实时和安全约束的高频控制。雾计算和 MPSoC 的使用有望实现此类控制的安全性、低延迟和及时性。事实上，一方面，根据雾计算设计的应用程序将计算分布在分层组织和地理分布的边缘设备上，从而能够在时间序列的高频采样期间及时进行异常检测，另一方面，MPSoC 允许利用雾计算和集成通过在适合混合关键性软件的灵活平台上部署任务来进行监控，从而形成所谓的混合关键性系统（MCS）。然而，此类软件在同一个 MPSoC 上的集成带来了与可预测性和可靠性保证相关的挑战，因为访问相同共享 MPSoC 资源时相互干扰的任务可能会引入不确定性延迟，可能会因超出期限而导致失败。针对 MPSoC 上 MCS 的设计、部署和评估，我们提出了一种基于模型的系统开发流程，通过对设计和部署进行建模的正式符号，促进实时软件和监控软件在同一平台上的集成。 MPSoC。所提出的表示法允许开发人员利用嵌入式虚拟机管理程序来监视实时应用程序并通过隔离硬件资源来保证可预测性。为了证明我们的系统开发过程的可行性并评估与行业相关的核聚变应用类别，我们在 ITER 核聚变反应堆的背景下进行了安全关键案例研究。我们的实验涉及在虚拟化 MPSoC 上部署为 MCS 的多个原型的设计和评估，表明与监视器放置和虚拟化配置（例如，资源分配、分区和调度策略）相关的部署选择可以显着影响 MCS 的可预测性。最坏情况执行时间和其他相关指标。